how to generate OTP and send the password to mobile via sms

Asked 12/3, 2014 at 13:4 Answered 28/8, 2017 at 18:3

Solved php sql api authentication one-time-password

I am doing a project of using OTP for the login of the websites, I have created a button named "Generate" once clicked it will create an OTP and send an SMS via HTTP gateway, then it stores the password in the database.

My code to create an OTP and save in DB:

if(isset($_POST['generate']))
{
    $string = 'abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $string_shuffled = str_shuffle($string);
    $password = substr($string_shuffled, 1, 7);

    $password = base64_encode($password);
    $query = mysql_query("UPDATE user_login SET password='".$password."' WHERE username = 'ajai sandy' ");
    $qry_run = mysql_query($query);
}

Now I need to place this code of SMS API:

http://login.smsgatewayhub.com/smsapi/pushsms.aspx?user=abc&pwd=xyz&to=919898123 456&sid=senderid&msg=test%20message&fl=0

The thing is the 5th line of code generates the OTP, then I need to place my SMS API after this so that it could send the password to the mobile, then it should encrypt the password which is on the 6th line and then saves in the database.

Am not sure how to perform this action in sequence and don't know where to place the code

Denudate answered 12/3, 2014 at 13:4 Comment(1)

@krishna am having both the codes but am not sure how to place them with one another .. I need to generate an OTP then send the password to mobile via sms . Then save the password in db under encryption – Denudate 12/3, 2014 at 13:11

Try this.

if(isset($_POST['generate']))
{
    $string = 'abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $string_shuffled = str_shuffle($string);
    $password = substr($string_shuffled, 1, 7);

    file_get_contents("http://login.smsgatewayhub.com/smsapi/pushsms.aspx?user=abc&pwd=$password&to=919898123456&sid=senderid&msg=test%20message&fl=0");


    $password = base64_encode($password);
    $query = mysql_query("UPDATE user_login SET password='".$password."' WHERE username = 'ajai sandy' ");
    $qry_run = mysql_query($query);
}

Sheepskin answered 12/3, 2014 at 13:35 Comment(4)

it says "failed to open stream" , the url is suppose to send a request to the server "smsgateway.com" – Denudate 12/3, 2014 at 13:50

I took the SMS api link and pasted in my browser url bar and hit the period key , its working like a charm . But when placed inside the coding its generating the error " failed to open stream" – Denudate 13/3, 2014 at 1:26

use like this..

echo file_get_contents("http://login.smsgatewayhub.com/smsapi/pushsms.aspx?user=abc&pwd=pwd&to=919898123456&sid=senderid&msg=your-password-is-$password%20message&fl=0");

– Sheepskin 13/3, 2014 at 4:54

On which website did you implemented it ? I hope it is not a too critical service. It doesn't look very secure to discard duplicates letters in OTP and limit it to 7 chars... Lastly, why base64 encode a string which is not binary ? It adds no extra security layer. – Intertwine 22/7, 2016 at 8:24

The following code works like a charm ,

 header('Location:http://login.smsgatewayhub.com/smsapi/pushsms.aspx?user=abc&pwd=$password&to=919898123456&sid=senderid&msg=test%20message&fl=0');

Denudate answered 13/3, 2014 at 5:59 Comment(1)

I paste it, but it is Failed#Invalid Login. – Isabeau 2/10, 2015 at 3:24

Thanks, I am happy to refer you this awesome tutorial

//OTP SYSTEM CODE

function sendSMS($mobile=null, $subject=null)
{
$SMSapiKey = 'XYZ';
$url = 'http://example.com/api_2.0/SendSMS.php?APIKEY='.$SMSapiKey.'&MobileNo='.urlencode($mobile).'&SenderID=SAMPLE_MSG&Message='.urlencode($subject).'&ServiceName=TEMPLATE_BASED';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$returndata = curl_exec($ch);
curl_close($ch);
return "A SMS SENT SUCCESSFULLY TO $mobile";
}
$otp_code = strtoupper(substr(md5(uniqid()), 0, 6));   // A smart code to generate OTP PIN.

Checkout this awesome tutorial and implementation of G2FA for crypto-graphically secured OTP make otp system using php

Virtue answered 11/8, 2016 at 19:5 Comment(0)

Here is a quick sample code to send OTP via PHP with http://2Factor.in OTP API

 <?php

$YourAPIKey='<YourAPI>';
$SentTo='<User10DigitNumber>';


### DO NOT Change anything below this line
$agent= 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.0.3705; .NET CLR 1.1.4322)';
$url = "https://2factor.in/API/V1/$YourAPIKey/SMS/$SentTo/AUTOGEN"; 
$ch = curl_init(); 
curl_setopt($ch, CURLOPT_URL,$url); 
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
echo curl_exec($ch); 
curl_close($ch);

You may refer to THIS LINK illustrating quick steps to implement SMS OTP from PHP

Holeandcorner answered 28/8, 2017 at 18:3 Comment(0)

Recommended topics

Hot tags